Quoting from man iptables: " This target is only valid in the INPUT, FORWARD and OUTPUT chains" Since the validation is done by the kernel module, you don't see the error message directly, but rather via syslog; e.g. in my case, in /var/log/messages you see " kernel: ip_tables: REJECT target: only valid in filter table, not mangle" > -----Original Message----- > From: netfilter-owner@xxxxxxxxxxxxxxx [mailto:netfilter- > owner@xxxxxxxxxxxxxxx] On Behalf Of Ralf > Sent: Monday, February 09, 2009 12:08 PM > To: netfilter@xxxxxxxxxxxxxxx > Subject: Error when adding an entry to mangle/PREROUTING > > The following command brings an error ("iptables: Invalid argument"): > > $IPTABLES -t mangle -A PREROUTING -p tcp --dport 9999 -j REJECT > > What's wrong here? > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html